RE: Securing web site with redundancy ?

From: Ivan Groenewald (ivang2_at_xtrahost.co.uk)
Date: 08/24/04

  • Next message: Michael Richardson: "Re: XPSP2 compatability"
    To: "'Josh Tolley'" <josh@raintreeinc.com>, 'Bénoni MARTIN' <Benoni.MARTIN@libertis.ga>
    Date: Tue, 24 Aug 2004 14:16:07 +0100
    
    

    In Windows 2003 there is built in network load balancing that works with
    IIS6. (MS NLB)
    http://www.microsoft.com/resources/documentation/IIS/6/all/techref/en-us/iis
    RG_SCA_4.mspx

    In 2000 with IIS5 you can do webserver clustering from within IIS
    http://www.microsoft.com/windows2000/en/server/iis/default.asp?url=/windows2
    000/en/server/iis/htm/core/iiclusus.htm

    Alternatively a hardware solution like a Cisco CSS 11500 would also do.

    Ivan

    -----Original Message-----
    From: Josh Tolley [mailto:josh@raintreeinc.com]
    Sent: 20 August 2004 23:51
    To: Bénoni MARTIN
    Cc: security-basics@securityfocus.com; pen-test@securityfocus.com
    Subject: Re: Securing web site with redundancy ?

    There are loads of such options -- if you like Linux, the LVS project
    will do what you want. You might also look at heartbeat and mon, also
    linux utils. I couldn't tell you what commercial options you might want
    to use other than Windows clustering, which would do this as well. For
    that you may require some sort of shared storage, and a switch that's
    compatible -- it can do some funny things with arp, which really
    confuses a lot of switches (ours, for example, which has decided to
    broadcast all traffic to our cluster all over our LAN, which makes it a
    huge pain to use. Perhaps we have it configured wrong, but I haven't had
    time to look at it much).

    Josh Tolley
    Raintree Systems, Inc.
    http://www.raintreeinc.com
    760 509 9000

    Bénoni MARTIN wrote:
    > Hi all !
    >
    > I was wondering if there was a way to set up 2 "redundant" web servers
    (identical web sites), i.e. when one crashes, the other one takes the
    connection over. The same thing which is already available for firewalls
    (high disponibility), but with web servers.
    >
    > We would have 2 Windozes in a DMZ with IIS as the web server, and a pix
    firewall between the dmz and Internet. Is there any tool allowing this out
    there ? I tried to google quite a while, but without any chance...
    >
    > Some one has an idea ?
    >
    > Cheers list !
    >
    >
    ----------------------------------------------------------------------------

    --
    > Ethical Hacking at the InfoSec Institute. All of our class sizes are
    > guaranteed to be 12 students or less to facilitate one-on-one interaction
    > with one of our expert instructors. Check out our Advanced Hacking course,
    > learn to write exploits and attack security infrastructure. Attend a
    course
    > taught by an expert instructor with years of in-the-field pen testing
    > experience in our state of the art hacking lab. Master the skills of an
    > Ethical Hacker to better assess the security of your organization.
    > 
    > http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817
    >
    ----------------------------------------------------------------------------
    ---
    > 
    > 
    ---------------------------------------------------------------------------
    Computer Forensics Training at the InfoSec Institute. All of our class sizes
    are guaranteed to be 12 students or less to facilitate one-on-one
    interaction with one of our expert instructors. Gain the in-demand skills of
    a certified computer examiner, learn to recover trace data left behind by
    fraud, theft, and cybercrime perpetrators. Discover the source of computer
    crime and abuse so that it never happens again.
    http://www.securityfocus.com/sponsor/InfoSecInstitute_security-basics_040817
    ----------------------------------------------------------------------------
    ------------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. All of our class sizes are
    guaranteed to be 12 students or less to facilitate one-on-one interaction
    with one of our expert instructors. Check out our Advanced Hacking course,
    learn to write exploits and attack security infrastructure. Attend a course
    taught by an expert instructor with years of in-the-field pen testing
    experience in our state of the art hacking lab. Master the skills of an
    Ethical Hacker to better assess the security of your organization.
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    -------------------------------------------------------------------------------
    

  • Next message: Michael Richardson: "Re: XPSP2 compatability"

    Relevant Pages

    • RE: EC-Counsil (Book Review) Can we wrap this thread up?
      ... >>>Ethical Hacking at the InfoSec Institute. ... >>>with one of our expert instructors. ... >>>learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • Re: EC-Counsil
      ... >>Ethical Hacking at the InfoSec Institute. ... >>with one of our expert instructors. ... Check out our Advanced Hacking ... >>learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • RE: [ok] Windows 2003 HAck
      ... Ethical Hacking at the InfoSec Institute. ... with one of our expert instructors. ... learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • Re: EC-Counsil (Book Review) Can we wrap this thread up?
      ... I don't think you can go far wrong with the Hacking Exposed books, ... >> Ethical Hacking at the InfoSec Institute. ... >> with one of our expert instructors. ... >> learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • Re: Rogue activity methodology (was: Tool to find hidden web proxyserver)
      ... Subject: Rogue activity methodology (was: Tool to find hidden web ... Ethical Hacking at the InfoSec Institute. ... Check out our Advanced Hacking course, ... learn to write exploits and attack security infrastructure. ...
      (Pen-Test)